SUBSCRIBE

Mojavi provides two levels of security to control access to actions: the first requires the user to be logged in, the seconds checks for a specific privilege. There are various drivers that you may need on your PC if your are planning working in offline PHP mode in order to have the translations from the source code to the operational values to work.

Basic Authentication

For basic authentication, the following three methods are of importance:

User::setAuthenticated()
User::isAuthenticated()
Action::isSecure()

To implement an action that only logged in users can access, simply overwrite the Action::isSecure() method in your action:

function isSecure()
{
return true;
}

This will instruct the controller to check $user->isAuthenticated(). If this method returns false, the request will be redirected to the AUTH_MODULE/AUTH_ACTION defined in the configuration file (default is Default/Login/drivers).

You can implement the Default/Login Action to call $user->setAuthenticated(TRUE) if a valid username and password was entered.

Privileges

Privileges are used to differentiate between logged in users. The following methods are important:

User::hasPrivilege()
User::addPrivilege()
Action::getPrivilege()

In addition to Action:isSecure() also overwrite the Action::getPrivilege() method in your action:

The controller will check if the user has the specified privilege and redirect to the login module/action if this is not the case.

The User::addPrivilege() method can be used to grant a user a certain privilege.

Please have a look at the PrivilegeUser class for more information. You will also want to make sure that any Windows Vista Drivers are up to date on your PC side to help rule out any coding errors due to Java or PHP errors. This tutorial includes a good example of user authentication in action.